1337 and then 31337 for exec cmd..yea.. but have not seen more paid...
On 6 October 2011 19:01, Dan Dart dand...@googlemail.com wrote:
tl;dr past popcorn, but when I saw $2, I lol'd. Weren't Google giving $1337
at some point? And didn't it go up to like $50,000 for a terrible remote
root
If you want the right to demand certain things from the program, then go BUY
a program and do not harass people who are writing software for free, or go
and help the developers by writing the functionality yourself.
Juan Sacco
On Wed, Oct 5, 2011 at 6:32 AM, root ro...@fibertel.com.ar wrote:
-
As you might know, or not know, Exploit Pack is working without any
foundation, company, governement and money-giving guy.
There is no professionnal coder, programmer that is paid to develop this
program.
I have tried to ensure that the name of the exploit author is seen in all
the software.It
Hey,
Its really a shame that you didn't even take like 2 minutes to watch the
source code of Exploit Pack before create an opinion.
This can't be a copy of CANVAS. Canvas is made on Python. Exploit Pack JAVA.
See the diference? Also, please take a look at the interface design, both
are really
Hey.. I already gave you an answer about this.
AGAIN. For the last time.
I respect the author's name of all the exploits added to Exploit Pack, like
you suggest in a terrible and way.. Insulting and posting like 10 mail to
the this list. I will add a # Thank you [AUTHOR NAME ] for let us use
Hey, Wanna Join? and contribute to a with a GPL Project? Welcome aboard!!!
( Please do me a favor and read the license first )
Wanna keep talking about your personal opinion?
Please.. As it was told stop doing it here, this is not a chatroom. We have
a forum and a mailing list for that.
It
ro...@fibertel.com : I know you don't have any experience with open source
projects, but this is not the right way.
Next time you should try doing it well.
Go to GitHub and write the change your own. The community will moderate it
and then you will see your proposal applied.
To be clear. The
ro...@fibertel.com : I know you don't have any experience with open
source projects, but this is not the right way.
Next time you should try doing it well.
Go to GitHub and write the change your own. The community will moderate
it and then you will see your proposal applied.
To be clear. The
Bolud!
no jodes con un Porteño fino!
Aya se callen or desaparecen .
[[ Juan Sacco ]] @ [[ 06/10/2011 02:16
]]--
Hey.. I already gave you an answer about this.
AGAIN. For the last time.
I respect the author's name of all the
Telling people to move their criticisms off of the (unmoderated) public
forum and into the private forum that you control (and can freely censor as
you see fit) is ridiculous.
Now, if you really did as root said and just grabbed peoples' code from
various public outlets and put it into your GPL
On Thu, 06 Oct 2011 00:34:00 -0300, root said:
You don't have the faintest idea of how licencing works. You cannot slap
a GPL v3 license to any software you see, much less erase the author's
names. If you find a code in the internet without any license, you
pretty much can't touch it, and
On Wed, 05 Oct 2011 19:04:24 -0300, Juan Sacco said:
Exploit Pack is licensed GPL let me copy paste the 4 freedoms. I hope to
do it well this time.
Please note that one of the biggest complaints about the GPL is that it is
pretty much impossible to legally combine GPL code with code that has
I'd expect someone with the brain size of a pea would at least rename
variables in the code he claimed as his...
Someone with more sense would probably write such a 50-liner from scratch...
On Thu, Oct 6, 2011 at 4:01 PM, valdis.kletni...@vt.edu wrote:
On Thu, 06 Oct 2011 00:34:00 -0300,
On 10/05/2011 09:16 PM, Juan Sacco wrote:
** Also, I created a mailing list to discuss this kind of things, report
bugs and much more ( But sorry, NO INSULTING is allowed there ) **
Insults to you person are a very useful form of disclosure.
People needs to know that you are insane.
MITRE
Hi Valdis,
it is more complex than i thought...
I do support open src, and am going to try and help the exploit pack, so, i
hope that the maker is reading all of this and making some adjustments
perhaps... alot of them actually.
I did not think it was as complex as it has shown to be, but it
On Fri, 07 Oct 2011 06:36:51 +1100, xD 0x41 said:
I am still abit worried though, of the actual NON free prouct, and then,
what if you add to that, and he adds it to his paid-fopr app, or worse,
doesnt even put it into the exploit-pack but, rather puts it into ONLY the
paid product.
One of
Well, I guess then people nowdays should be keeping more watch on ANYTHING
they release into public... It is just going to get more complex i assume,
with adding more lisences, as creative commons has kindly done.. however i
do like theyre lisence, as it actually covers a .txt file, or even a .c
On Thu, Oct 6, 2011 at 3:36 PM, xD 0x41 sec...@gmail.com wrote:
Hi Valdis,
it is more complex than i thought...
I do support open src, and am going to try and help the exploit pack, so, i
hope that the maker is reading all of this and making some adjustments
perhaps... alot of them actually.
Re: putting things in the public domain: Daniel J. Bernstein and Lawrence
Rosen (of Creative Commons fame, I believe) seem to disagree with you on
that: http://cr.yp.to/publicdomain.html
Plus, pretty much the only 'license' djb uses is public domain, so qmail,
djbdns, etc. are all public domain.
On Thu, Oct 6, 2011 at 6:35 PM, Zach C. fxc...@gmail.com wrote:
Re: putting things in the public domain: Daniel J. Bernstein and Lawrence
Rosen (of Creative Commons fame, I believe) seem to disagree with you on
that: http://cr.yp.to/publicdomain.html
Plus, pretty much the only 'license' djb
On Thu, Oct 6, 2011 at 5:34 AM, root ro...@fibertel.com.ar wrote:
do not harass people who are writing software for free
Oh, that's rich.
--
“There's a reason we separate military and the police: one fights the
enemy of the state, the other serves and protects the people. When the
military
- * @author Stefan Zeiger (szei...@novocode.com)
- printWritten by Blake
- Information Author=Blake Date=August 23 2011 Vulnerability=N/A
+#Exploit Pack - Security Framework for Exploit Developers
+#Copyright 2011 Juan Sacco http://exploitpack.com
+#
+#This program is free software: you can
Wait there is more:
http://exploitpack.com/faq
How can I earn money by migrating exploits?
You will inmediately recieve $2 (US Dollars) in your PayPal account for
each approved exploit.
Juan Sacco, infosec needs people like you. You make me happy, Juan.
Thank you.
On 10/04/2011 12:42
On Wed, 05 Oct 2011 06:49:40 -0300, root said:
How can I earn money by migrating exploits?
You will inmediately recieve $2 (US Dollars) in your PayPal account for
each approved exploit.
At $2 per pop, you're going to see a lot of exploits that look like they were
mass-migrated by a Perl
I grab a bag of popcorn whenever Juan sends an email.
On Wed, Oct 5, 2011 at 4:25 AM, valdis.kletni...@vt.edu wrote:
On Wed, 05 Oct 2011 06:49:40 -0300, root said:
How can I earn money by migrating exploits?
You will inmediately recieve $2 (US Dollars) in your PayPal account for
each
When I saw this I too thought Insect. Though still, I dont recall Insect
having an exploit editor or ANY way to add modules (insect used a Metasploit
install IIRC), but it DOES remind me (scarily) of CANVAS. Might check it out
later.
Out of interest, I was considering asking - what is all your
wow i was not going to comment on that pack and have not yet looked but,
thats plain nasty... to remove a simple credit line, i mean it is not full
of greetz etc :s and replace... totally pathetic.
On 5 October 2011 20:32, root ro...@fibertel.com.ar wrote:
- * @author Stefan Zeiger
You will inmediately recieve $2 (US Dollars) in your PayPal account for
each approved exploit.
This is IT dream, 2bux for one 0day or, 100 = 200bux :P dang nabbit thats
just to good an offer!
what is sad, some people will actually 'do it'
until they maybe find some people selling one 0day, for
Out of interest, I was considering asking - what is all your opinions on
using Metasploit (via RPC) as the shell handler in an exploitation
framework? I was considering writing a fork of Fimap that used one.
Well here, i can say, I have recoded theyre whole fingerprinter for rpc/smb
and it r0x.
On Wed, Oct 5, 2011 at 5:32 AM, root ro...@fibertel.com.ar wrote:
- * @author Stefan Zeiger (szei...@novocode.com)
- print Written by Blake
- Information Author=Blake Date=August 23 2011 Vulnerability=N/A
+#Exploit Pack - Security Framework for Exploit Developers
+#Copyright 2011 Juan
Dont be angry about it, but, you could atleast give credit to those, your
paying a whole 2$ to, or even if NOT paid, you should leave AUTHOR name
INSIDE the exploit, maybe thats why it is being molested ?
GPL is fine, but, you are seen as a bad dude, simply coz you dont give
simple credit, and
Heya jeff,
The author is clearly not smart.
He is copying other codes, this is a plain rip off of canvas...hehe... and
same with his insect pro... he stole metasplit for tht one, then he wants
repect, when we see him removing simplly one line wich would atleast say a
ty and, show [ppl who writes,
On 10/05/2011 06:39 PM, xD 0x41 wrote:
You will inmediately recieve $2 (US Dollars) in your PayPal account for
each approved exploit.
This is IT dream, 2bux for one 0day or, 100 = 200bux :P
I have verified your calculations.
___
Full-Disclosure
i know eh, coders dream :P
Iits only 2bux per sploit you add.. so even from PoC code, to scanner, wow!
Thats a bargain, a day code per scanner, unfortunately tho this is good
money for some countrys, and people, and thats who the targets are for
this.. lower level skilled coders... nasty .
On 6
Juan,
I have not created any opinion (yet) but, is it rally fair, to give people
who code, 2 frigging dollars, for sometimes what would be 0day , or is it
nice, to remove the REAL auithors name, and add your own.
Thats the only grips i see, without having to look at it yet.
The whole look of it,
Information Author=Blake Date=August 23 2011 Vulnerability=N/A
Free Float FTP Server USER Command Remote Buffer Overflow Exploit
when parsing the command 'USR', which leads to a stack based overflow.
Also Free Float FTP Server allow remote anonymous login by default
exploiting these issues could
Juan,
why lie dude, i looked at your github LATEST pull/commit, what is this then
Exploit Pack/exploits/Free Float FTP Server - copia.xml
- View file @
as i said again stop the lies.'
Take a look if you want:
?xml version=1.0 encoding=UTF-8?
Module
Exploit NameXML=Free Float FTP Server
CodeName=FreeFloatFTPServer.py Platform=windows Service=ftp
Type=remote RemotePort=21 LocalPort= ShellcodeAvailable=R
ShellPort= SpecialArgs=
/Exploit
OK, now that is out of way, i would be very happy to help, and contribute
even, and will join that list, i dont have address offhand, but i will look
for it if i have to,...and, i will suggest things there, and, i am not
nasty, I just, respect authors.
I appreciate this change..and, i understand,
Yes, i will join.
http://exploitpack.com/mailing-list
i will try and contribute actually.. i see now why you removed abit of the
author name but... kinda handy to know it is always same author to ;p but,
we will discuss this on that list :)
i will look forward to trying to make it, abit nicer ...
Juan,
You don't have the faintest idea of how licencing works. You cannot slap
a GPL v3 license to any software you see, much less erase the author's
names. If you find a code in the internet without any license, you
pretty much can't touch it, and must re-implement it completely.
Software
I would say, this code would require better, like Creative Commons, perhaps
lisencing on 3rd party code, then it can be named exactly what is and isnt
added in as a 'paper' to the commons, it is better for his project, i
think... GPLv3 , i have not studied but, i am considering the use of 3rd
Exploit Pack is an open source security framework developed by Juan
Sacco. It combines the benefits of a
JAVA GUI, Python as Engine and well-known exploits made by users. It
has a module editor to make the task of
developing new exploits easier, Instant Search and XML-based modules.
This open
So this is from the same people that developed Insect Pro?
Chris
On Tue, 04 Oct 2011 10:42:07 -0500, nore...@exploitpack.com wrote:
Exploit Pack is an open source security framework developed by Juan
Sacco. It combines the benefits of a
JAVA GUI, Python as Engine and well-known exploits
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
insecurityresearch.com (the Insect PRO site) does in fact seem to
redirect to exploitpack.com - nice catch Chris.
Justin Klein Keane
http://www.MadIrish.net
The digital signature on this e-mail may be confirmed using the
PGP key located at:
I don't think it's supposed to be a secret. There are also references to
Insect Pro in the source code:
https://github.com/exploitpack/trunk/blob/master/Exploit%20Pack/src/com/exploitpack/main/License.java
BTW, you gotta love the scanner :)
XML Modules? In *my* exploit pack?
-Travis
On Tue, Oct 4, 2011 at 3:44 PM, Mario Vilas mvi...@gmail.com wrote:
I don't think it's supposed to be a secret. There are also references to
Insect Pro in the source code:
On 10/4/11 12:44 PM, Mario Vilas wrote:
I don't think it's supposed to be a secret. There are also
references to Insect Pro in the source code:
BTW, you gotta love the scanner :)
https://github.com/exploitpack/trunk/blob/master/Exploit%20Pack/src/com/exploitpack/scanner/ShowDialog.java
Would you kindly die in a fire?
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
On Tue, 04 Oct 2011 20:01:26 EDT, Travis Biehn said:
XML Modules? In *my* exploit pack?
XML - the kudzu of the internet.
pgptYubnGpgKV.pgp
Description: PGP signature
___
Full-Disclosure - We believe in it.
Charter:
50 matches
Mail list logo